package com.cskaoyan.config;

import org.apache.commons.lang.StringUtils;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import java.io.Serializable;

/**
 * @Auther: Yang Yi-zhou
 * @Date: 2022/9/8 18:55
 * @Description: 解决跨域请求SessionId不一致的问题
 */
public class CustomSessionManager extends DefaultWebSessionManager {

    private static final String MARKET_ADMIN_TOKEN = "X-CskaoyanMarket-Admin-Token";
    private static final String MARKET_WX_TOKEN = "X-CskaoyanMarket-Token";

    @Override
    protected Serializable getSessionId(ServletRequest request, ServletResponse response) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
        String sessionId = httpServletRequest.getHeader(MARKET_ADMIN_TOKEN);
        if (!StringUtils.isEmpty(sessionId)) {
            return sessionId;
        }
        String sessionId1 = httpServletRequest.getHeader(MARKET_WX_TOKEN);
        if (!StringUtils.isEmpty(sessionId1)) {
            return sessionId1;
        }
        return super.getSessionId(request, response);
    }
}
